[Buildroot] [PATCH] libcurl: enable mbedtls support

Luca Ceresoli luca at lucaceresoli.net
Mon Feb 1 17:52:25 UTC 2016


Hi Gustavo,

Gustavo Zacarias wrote:
> On 01/02/16 13:27, Luca Ceresoli wrote:
>
>> This is unrelated to your change, it should be a separate patch. But
>> anyway I don't understand why it should be removed: we still package
>> polarssl 1.2.18, so the comment should still apply. Am I missing
>> something?
>>
>> With that fixed (or explained):
>>   Reviewed-by: Luca Ceresoli <luca at lucaceresoli.net>
>>
>> And:
>> [Built with/without mbedtls, ran on qemu, checked that 'curl -V' shows
>> the SSL only with mbedtls]
>> Tested-by: Luca Ceresoli <luca at lucaceresoli.net>
>
> Hi.
> As you know polarssl was renamed to mbedtls when bought by ARM, this was
> circa the 1.3.x release.
> Older 1.3.x releases install the library as polarssl alone, newer ones
> install dual as polarssl with symlinks to mbedtls (might be the other
> way around, i don't recall at the moment - it doesn't matter anyway), so
> first the distinction between polarssl and mbedtls is terribly blurred
> for the 1.3.x series.
> Incidentally this is what makes polarssl 1.2.x being able to live
> side-by-side with mbedtls (2.x, which doesn't keep legacy handling) (i
> believe this is more product of branding/accident than careful thinking).
> So now in some cases polarssl means 1.2.x, in other cases it means
> mbedtls 1.3.x, or the new version because nobody cared to rename
> everything.
> Basically any explanation given out of context is useless without
> historical context.
> Making 1.3.x live side-by-side with mbedtls (let's call it that way for
> 2+) is probably possible by ditching the new naming and just keeping
> compat, i had a look but i think it was a dead end anyway, this requires
> patching the build of mbedtls/polarssl 1.3.x somewhat and that wouldn't
> be accepted upstream.

Thank you for the explanation. Indeed, it got me totally puzzled! I am
no mbedtls/polarssl expert, I never used them...

If I understand correctly:
  - without this patch, the comment states that you'd need to upgrade
    polarssl to 1.3.x to have it supported in libcurl
  - with the patch libcurl uses mbedtls, which makes polarssl
    uninteresting.

Is it correct?

-- 
Luca



More information about the buildroot mailing list